Penetration Testing

Uncover hidden risk by thinking and acting like a real hacker

Mind the Gaps with Penetration Testing

Penetration Testing, or a pentest for short, is a simulated cyber attack against your systems using actual hacking tools and techniques. If we defeat your security measures, congratulations — we found your weaknesses before the bad guys did. And we’ll be right by your side with remediation guidance.

There are several different types of penetration tests to accommodate any type of target or platform. All of our penetration tests are based upon the MITRE ATT&CK methodology to ensure that the results you receive are comprehensive.

Why perform a Penetration Test?

Organizations use Penetration Testing for a variety of reasons. Often it’s to fine-tune their security devices, uncover vulnerabilities that they didn’t know they had, or simply test the effectiveness of their blue teams. Companies that need to justify budget increases also use a pentest to prove that it is possible to breach their defenses and capture potentially damaging information. Once Raxis findings are written clearly in a report, it is easier to make a case for increased spending in cybersecurity.

Penetration test findings can sometimes create a bit of work to remediate, but we’ll help by demonstrating step-by-step what we did and documenting how to fix it. If we could breach your perimeter and gain access to your network, then it’s certainly possible for a malicious attacker to do the same. Unfortunately, that sometimes means reworking your cybersecurity processes. Other times, it means a complete overhaul of your security program. Either way, you'll go in knowing the strategic value of corrective actions. We may share some virtual high-fives among ourselves, but the real victory is yours. You will have uncovered hidden risks, taken corrective actions, and become better prepared for the real-world threats coming your way.

DON'T BE ALARMED

After we break into your systems, we may share some virtual high-fives among ourselves, but the real victory is yours.

What’s the difference between a Pentest and a Vulnerability Scan?

Professional engineer, manual testing and reporting

A Raxis Penetration Test is a much more thorough, manual procedure that requires highly specialized talent, years of expertise, self-compiled tools, and a bit of creativity to accomplish correctly. A pentest uncovers security risks that the vulnerability scan simply can’t see. Examples include a nested critical vulnerability that is hidden behind a moderate exposure, or a business logic error that the scanner didn’t realize provided critical access. It’s not about getting a clean report - you want us to find ways into your network. Once you know how we breached your perimeter, you can close those gaps and significantly reduce your chances of being hacked by a real malicious actor.

Software checks, automated report

A vulnerability scan, or vuln scan for short, is a security assessment conducted using a software tool to test defined targets, and the output provided is an automated report. Vuln scans can be run by almost anyone with technical knowledge and are often used to meet regulatory requirements or ensure that security controls are performing as expected. There’s nothing wrong with vulnerability scans; they certainly have a use and are often performed by our customers right before a penetration test to help prepare. However, vuln scans (and their mislabeled “discount pentest” counterparts) are not the same as a penetration test. Companies that misrepresent a vulnerability scan as a pentest are looking for customers that simply want to “check-the-box” and move on. They just want a clean report, but this is very shortsighted.

Penetration Test Types

Internet of Things (IoT)

Embedded systems are more prevalent in our connected world than ever before. We’ve tested cable modems, physical access controls, surveillance cameras, and more.

These embedded devices power our IoT connected world and, unfortunately, often contain vulnerabilities. Maybe it's due to a proprietary network stack or because they’re running outdated code, or maybe the design gaps reflect a lack of industry standards. Maybe all of the above. No matter the reason, we've exploited devices and embedded controllers even as their designers have said it was impossible.

SCADA

Raxis SCADA pentesters are experienced in all types of controllers, including those used by power generation, logistics, water treatment, oil platforms, and transportation. We’ve flown all over the world and even undergone HUET safety training.

Because PLC, RTU, HMI, and other systems are often forgotten once deployed in the field, security gaps recur at all levels. Finding the vulnerabilities is usually the hardest part of the battle, and our process doesn't leave any stone unturned. We can perform SCADA testing both onsite and remotely using Transporter to securely interface with the private side of the network.

Penetration Testing FAQ

Each company has a different network landscape and different goals for their pentest. Raxis works with your team directly to be sure that your quote covers what you need while working within your budget.

While malicious hackers may have all the time in the world to attempt to break into your systems, our tests are scoped for a certain amount of pentesting hours -- the timebox. Our engagement ends with a report that clearly explains what Raxis accomplished during the time of your test and what you can do to make your environment more secure against a malicious hacker attempting the same things.

This often depends on your industry and specific needs of your company, but Raxis recommends at least an annual pentest. If a zero-day hack is released after your annual pentest, your pentesting team won't attempt it on your systems until your next pentest, so some companies with high-risk data and assets perform multiple pentests in the same year. Note that Raxis' PTaaS offering provides the best of both worlds with one annual pentest and continuous monitoring throughout the year.

While we sometimes work with companies that follow this philosophy, we believe it is flawed. The idea is that different pentesters all have different backgrounds and different strengths, but all pentesting companies are not the same. Raxis pentesters have strong backgrounds and certifications, and they are always working together to learn and share current knowledge about new vulnerabilities and exploits. Not all of our competitors can say the same. We recommend that companies find a trusted pentesting company, such as Raxis, and trust them to perform strong tests year after year.

We do not break the law. Our contracts spell out what we are and aren’t allowed to do. For example, we will never damage or destroy our customers’ property. What we will do is demonstrate how a real hacker could — and show our customers so that they can take steps to prevent it. Even if most company employees don’t know what is going on, leadership does and has agreed to it.

Yes, and it’s all about system uptime and data integrity. Unlike the bad guys, our penetration tests stop short of real damage, and we always obscure the data we take for proof of access. We also stay within any parameters set by the customer, but we always push to the edge of that envelope.

Once scoped, we work directly with cloud providers to inform them of our activities. Raxis has completed numerous tests on Amazon AWS/EC2, Microsoft Azure, Google Cloud, Rackspace, and VMware cloud. We’ve worked with content delivery front ends such as Cloudflare and Akamai as well. No matter what the tech stack is, Raxis will find the best method possible for your pentest.

Unless otherwise requested, we crack passwords to determine the strength of the password policy and effectiveness of enforcement. We also may re-use passwords to pivot to other systems, which often results in a larger simulated data breach. Raxis uses high-strength encryption to protect the hash data both at rest and in motion. Once our password cracking is complete, we securely delete the password hashes and provide you with a summary including password strength, complexity, and analysis in a redacted pentest report.

The Raxis Penetration Testing team is second to none at pinpointing real world security risks by using the same tools and techniques as a malicious attacker. We’re all in the United States (with many of us based in Atlanta), most of us have at least 10 years of experience, and pentesting is our sole expertise. With so many technology defenses prevalent today, a pentester must understand every aspect of security and the latest techniques to bypass those many controls. The Raxis crew never stops learning the latest exploits, and we have a ton of fun sharing our knowledge. We don’t do checkbox security, and we never will.

Raxis Penetration Testing Specifications

tl;dr

  • Powered by Raxis One, a secure web interface for all Raxis services
  • Fully capable of working with cloud providers and content delivery networks such as Amazon AWS, Microsoft Azure, Google Cloud, Cloudflare, Akamai, hybrid cloud, and SaaS solutions
  • Raxis utilizes the same tools and techniques as a blackhat hacker
  • Predictable timeline for the assessment
  • Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
  • Executive debrief conference provided, if desired
  • Remote internal network access option available via Raxis Transporter
  • Optional re-test to validate remediation
  • May be combined with Social Engineering for a customized solution
  • Continuous Penetration Testing available with AI technology
  • All Raxis tests are based on the MITRE ATT&CK penetration testing framework
  • Meets or exceeds requirements for NIST 800-53, NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX compliance
  • Available as a one-time service, multi-year agreement, or continuous monitoring